Add an S for Uncensored Google Search in China

Submitted by martin on Thu, Apr 05, 2012

The Great Firewall of China censors hundreds of keywords. In the case of Google, this means that if you search for any of them the result is the infamous Connection Reset. However, if you use the encrypted version of Google, the firewall cannot filter the connection based on keywords. Accessing the encrypted version of Google from China takes a few tweaks, but it is not blocked. The reason that it's not straightforward to use is that Google redirects you to other URLs depending on what you start out with. Here's an overview:

So, as you can see, if you enter https://www.google.com.hk or https://www.google.co.uk, you are not redirected, the site is encrypted, you can search for any keywords and the sites are not blocked in China. In other words, you have uncensored Google searches in China without a VPN.

Another alternative is to use the HTTPS Everywhere plugin available for Firefox and Chrome.

* The redirect on http://www.google.cn is manual, you have to click to go to the Hong Kong version of Google. All other redirects are done automatically, without the user being informed.

Tue, Mar 31, 2015

The Great Firewall has switched from being a passive, inbound filter to being an active and aggressive outbound one. This is a frightening development and the implications of this action extend beyond control of information on the internet. In one quick movement, the authorities have shifted from enforcing strict censorship in China to enforcing Chinese censorship on internet users worldwide.

Fri, Mar 27, 2015

This week, Google found unauthorized digital certificates for several Google domains, the root CA of which is CNNIC. Google and Mozilla both publicly disclosed this security incident and published blog posts(Google, Mozilla). However, Chinese translations of Google’s and Mozilla's blog posts were censored on the Chinese Internet.

William Long is a prominent Chinese blogger on IT and tech. He translated Google’s security post without adding any personal opinions. The Chinese blogpost ranked #1 when searching CNNIC MITM in Chinese on Google and Baidu. He tweeted that he received a phone call from propaganda department demanding the post to be removed immediately. The post http://www.williamlong.info/archives/4183.html was deleted. Google cache is still available.

省政府新闻办打电话来称，“谷歌称CNNIC发布中间人攻击证书”一文需要立刻删除。

Wed, Mar 25, 2015

Since 2013, we have repeatedly called on major software vendors to revoke CNNIC-issued certificates. Most notably, we raised this issue when we reported on the Cyberspace Administration of China’s (CAC) man-in-the-middle (MITM) attacks on Google, Microsoft’s Outlook, Apple, Yahoo and Github. Mainstream media have reported about these security vulnerabilities before and on March 24, Ars Technica reported on Google’s announcement that they have definitive evidence that CNNIC (China Internet Network Information Center) was behind a new MITM attack on Google.

Thu, Mar 19, 2015

Likely in response to a recent story in the Wall Street Journal (WSJ), we’ve experienced our first ever distributed denial of service (DDoS) attack. This tactic is used to bring down web pages by flooding them with lots of requests - at the time of writing they number 2.6 billion requests per hour. Websites are not equipped to handle that kind of volume so they usually “break” and go offline.

This kind of attack is aggressive and is an exhibition of censorship by brute force. Attackers resort to tactics like this when they are left with no other options.

We are not equipped to handle a DDoS attack of this magnitude and we need help. Some background:

The attack started on March 17 and we are receiving up to 2.6 billion requests per hour which is about 2500 times more than normal levels.